One of the areas of risk which is traditionally assessed
is that of geography or country risk. The UK Bribery Act Guidance defines
country risk as:
Country risk: this is evidenced by perceived
high levels of corruption, an absence of effectively implemented anti-bribery
legislation and a failure of the foreign government, media, local business
community and civil society effectively to promote transparent procurement and
This definition would seem to call for more than an
analysis of whether countries are perceived as "the usual suspects" when it
comes to risk. Most compliance practitioners to date have used the Transparency
International Corruptions Perceptions Index to assess country risk. The
Corruptions Perceptions Index, as defined by Transparency International,
"ranks more than 150 countries in terms of perceived levels of
corruption, as determined by expert assessments and opinion surveys." However,
the guidance for best practices, as set forth in the most recent Bribery
Act Guidance the concept of 'compliance convergence' and the recent Deferred
Prosecution Agreements (DPAs) entered into by the US Department of Justice
(DOJ), would seem to indicate that a more robust risk assessment should be
utilized regarding the corruption and compliance risks of individual controls.
I recently had the opportunity to review another tool
with which companies can assess an overall geographic or country risk. It is a
product called "Country-Check" and it was developed by World-Check (Full Disclosure:
World-Check is the sponsor of the World-Check FCPA Speaking Tour, of which I am
a participant.) The Country-Check tool is a customizable risk index that ranks
the overall risk levels in 244 jurisdictions across the globe.
Country-Check measures risk using over 140 input sources.
From these input sources, a company can access up to 42 dimensions of risks
from a wide spectrum of different types of threats which may need assessment.
These types of risks include: (1) political - varying from governance types to
civil liberties, regulatory control, control of corruption and human rights
issues; (2) financial - from GDP, overall country debt, military expenditure,
average per capita savings and economic freedom; (3) criminality - factors
ranging from money-laundering and fraud to terrorism, corruption, export
control and the overall country crime rate.
In addition to the above, the Country-Check model can be
custom developed which allows a company to make individual adjustments for not
only the inputs it perceives as important for its own business but also allows
an industry weighted assessment. This factor would come into play with the risk
assessments discussed in the initial three DPAs, released in 2011. These DPAs
were with Alcatel-Lucent, Maxwell Technologies and Tyson Foods respectively. In
each of these DPAs, the DOJ mandated that the companies assess the geographic
risks which each of these companies face in the areas where they conduct
business. However, these mandated risk assessments went beyond simply geography
to such areas as government touch points in conducting business. The
Country-Check model would allow a company to customize the product so that a
report is generated which measures this type of risk.
In the concept of compliance convergence risks posed
beyond simply those relating to the violations of the US Foreign Corrupt
Practices Act (FCPA) or UK Bribery Act should also be assessed. This means that
a company should also review such areas as propensity of a country to engage in
or have lax enforcement of anti-money laundering laws and regulations and have
issues related to vigorous enforcement of export controls. The Country-Check
tool provides standardized risk intelligence for all of these areas. The beauty
of such a tool is that not only does a company garner a more sophisticated
picture of the overall risk it may be facing and perform enhanced due diligence
as required, such an analysis allows a company to manage these risks more
effective by deploying stronger management assets as called for through such a
As companies and regulators grow more sophisticated in
the areas of anti-bribery and anti-corruption, best practices keep
evolving. The risk assessment that a company does should inform its overall
compliance program. The Country-Check tool is a very powerful instrument by
which companies can perform a sophisticated risk analysis of a country which
they are assessing. I suggest that you head over to the Country-Check website and take a look
at the offering.
If you are in Phoenix or San Diego, the World Check FCPA
Tour will be in your city this week. Please come out and here about the most
current FCPA best practices.
Tuesday, May 3 from 8-10 AM PDT at McCormick
& Schmick's Seafood Restaurant, in Phoenix, AZ. For information and
registration details click here.
Wednesday, May 4 from 8-10 AM PDT at San
Diego Marriott Del Mar: Santa Fe Ballroom, in San Diego, CA. For information
and registration details click here.
My colleague Howard Sklar had an interesting idea. It was
that he and I do a video chat each week on the past week's stories from the
world of compliance. We have begun this journey and the results are "This
Week in FCPA"; which can be found here.
Every week, Howard and I will get together and talk about
the week's events in FCPA. This week, we talk about the UK Bribery Act, and how
companies should react; we discuss the Johnson & Johnson deferred
prosecution agreement and J&J's added undertakings; and we discuss the
recent challenges to the idea that state-owned entities can be foreign officials.
We also talk about what contract provisions should be in every contract, and
whether audit rights are a good thing or not.
Visit the FCPA Compliance and Ethics Blog,
hosted by Thomas Fox, for more commentary on FCPA compliance, indemnities and
other forms of risk management for a worldwide energy practice, tax issues
faced by multi-national US companies, insurance coverage issues and protection
of trade secrets.
This publication contains general information
only and is based on the experiences and research of the author. The author is
not, by means of this publication, rendering business, legal advice, or other
professional advice or services. This publication is not a substitute for such
legal advice or services, nor should it be used as a basis for any decision or
action that may affect your business. Before making any decision or taking any
action that may affect your business, you should consult a qualified legal
advisor. The author, his affiliates, and related entities shall not be
responsible for any loss sustained by any person or entity that relies on this
publication. The Author gives his permission to link, post, distribute, or
reference this article for any lawful purpose, provided attribution is made to
the author. The author can be reached at firstname.lastname@example.org.
© Thomas R. Fox, 2011
For more information about LexisNexis
products and solutions connect with us through our corporate site.